Posted
by
timothy
on Sunday March 13, 2016 @11:03AM
from the proofreading-is-chepa dept.

New submitter tlambert writes: Unknown persons stole Bangladesh Bank transfer credentials for payments via the international banking system, and then proceeded to start moving money to the Philippines and Sri Lanka. A human foiled the plot after ~$80M had been stolen with another $870M stopped, after they noticed the word 'foundation' misspelled in one of the requests. Bangladesh, meanwhile, is blaming the U.S. Federal Reserve for trusting their credentials. (Note: Bangladesh Bank isn't like Bank of America; it's the country's central bank.)

That kind of capital is chump change for the Fed. For these foreign banks it's a lot of money. You'd expect that kind of money transfer to trigger some sort of alert before it goes through, but the Fed isn't in the business of bailing out foreign banks. I'm sure domestic banks is another story.

There is always some engineer or IT guy with the keys to the kingdom at these banks with potentially more power than Janet Yellen.

And there are transaction rollback procedures in place in case that engineer or IT guy misbehaves. If Bangledesh Bank hadn't revoked the credentials, then why should the Federal Reserve bank not have trusted them? Your transaction credentials are your identity in the banking system; telling another bank not to trust your (valid and not revoked or reported compromised) credentials is effectively telling them not to trust you. I'll repeat myself: if that's what Bangledesh Bank wants, it's what they should get

Modern security especially for this kind of amount of money would really worth having an out of bond validation of money transfer.

Not taxing transaction does not means that transactions should have non null costs. So de facto the minimal tax that should be imposed to money transactions on the internet MUST be a strong real authentication of the persons out of the internet plan to validate transactions.

Else, we are just letting frauders have a good incentive to cheat. Especially since the victims are all for

More like insider job likely with the backing of corrupt intelligence services. Once you get to that level, you are will outside the scope of amateur hackers. By far the majority of high level hacks will be government intelligence contractors (the inherent nature of the people they recruit) and actual government agents, the more corrupt the government the far more likely that is to happen. So pretty much a solid indication of how much private interests must protect themselves from government invasion, espe

With credentials for the central bank, they could have collapsed the entire nation. Hell, they were going to steal almost a full 1% of the nation's GDP! 1% might not sound like much, but it would have been devastating.